Fortinet black logo

Administration Guide

Home FortiPAM 1.3.0 Administration Guide
1.3.0
1.3.0
1.2.0
1.1.2
1.1.1
1.1.0
1.0.3
1.0.2
1.0.1
1.0.0

Secret

Secret

Go to Secret in Log & Report to see logs related to the following:

  • Secret

  • Clear Text

  • Check-outs and Check-ins

  • Password Changes

  • Secret Video

  • Secret Request

  • Job

  • Service Account

    • The following options are available in the tabs:

    Back ()

    Go back to Secret.
    Export

    From the Export dropdown, select to export the logs in the following three formats:

    • JSON: Export the selected secret session log to your computer as a JSON file named as secret-xyz-YYYY_MM_DD.json

    • CSV: Export the selected secret session log to your computer as a CSV file named as secret-xyz-YYYY_MM_DD.csv

    • TEXT: Export the selected secret session log to your computer as a text file named as secret-xyz-YYYY_MM_DD.txt
    Log location

    Select a source from where to retrieve logs:

    • Disk (default) (FortiPAM)

    • FortiAnalyzer

    See FortiAnalyzer logging for setting up FortiAnalyzer as the remote logging server.
    Time frame

    From the dropdown, select from the following time filters:

    • 5 minutes

    • 1 hour

    • 24 hours

    • 7 days

    • Custom

    • View All

    Custom filter

    1. From the dropdown, select Custom.
    2. In the window that opens, you can set combinations of =, Range, <=, >=, and NOT.
    3. Enter a date and time.
    4. Click Apply.

      For example, to create a range filter that filters and displays all the logs between 8:00 AM on 10th October, 2023 to 1:00 PM on 12th October 2023, we set up a filter that looks like the following:

    Refresh

    To refresh the contents, click the refresh icon.

    Details

    Select to see details for the selected log entry.

    Search

    Enter a search term in the search field, then hit Enter to search the secret video list. To narrow down your search, see Column filter.

Secret

Selecting Secret opens all the secret logs. Different subcategories of secret logs are displayed when you click on a secret log.

where:

  • Secret Address: The IP address or FQDN of the actual target server.

  • Gateway: The gateway name for the secret.

  • Destination IP: The next hop IP address. If the next hop is FortiPAM, this is the IP address of FortiPAM.

    If the next hop is the actual target server, this is the IP address of the actual target server.

    If the next hop is a gateway, this is the IP address of the gateway.

Clear Text

Selecting Clear Text shows logs related to viewing passwords. This category of the secret log shows all the information related to the launching of a secret, uploading of a video, termination of a launched session, and status of a FortiPAM token.

Check-outs and Check-ins

Selecting Check-outs and Check-ins shows logs related to password check-ins and check-outs. It displays all the information related to secret check-out and check-in.

Password Changes

Selecting Password Changers shows logs related to password changers. It displays all the information about when a password changer is triggered on a secret. It indicates whether the operation is successful and who initiated the operation. Operations such as password verification or change of password are recorded here.

For some column descriptions, see Secret.

Secret Video

Selecting Secret Video shows logs related to secret videos. This category of the secret log shows all the videos of launched secrets from FortiPAM. It is helpful to assist in auditing a user's behavior on the secret, ensuring that no malicious activity is performed.

To view a recorded video of a launched secret:
  1. Select the log with the operation labelled as Video upload finished, then click the Details button located at the right of the menu.

    Alternatively, double-click the log labelled as Video upload finished.

    The video player opens, and the secret video is automatically played.

To download a recorded video of a launched secret:
  1. Select the log with the operation labelled as Video upload finished, then click the Details button located at the right of the menu.

    Alternatively, double-click the log labelled as Video upload finished.

  2. From the window that opens, select the download icon () to save the secret video on your computer in WebM format.

Secret Request

Selecting Secret Request shows logs related to secret requests. This category of the secret log shows all the information related to a secret that requires secret approval. It indicates when a request is submitted for a secret or when a request is approved or denied.

Job

Selecting Job shows all logs related to jobs. This category of secret log keeps track of all the events related to an execution of a job on a secret. This includes the job name, the user who initiated the job, the type of the job, and whether the job is executed successfully.

Service Account

Selecting Service Account shows all the logs related to service accounts. This category of the secret log shows information related to updating credentials related to a service account.

Previous
Next

Secret

Go to Secret in Log & Report to see logs related to the following:

  • Secret

  • Clear Text

  • Check-outs and Check-ins

  • Password Changes

  • Secret Video

  • Secret Request

  • Job

  • Service Account

    • The following options are available in the tabs:

    Back ()

    Go back to Secret.
    Export

    From the Export dropdown, select to export the logs in the following three formats:

    • JSON: Export the selected secret session log to your computer as a JSON file named as secret-xyz-YYYY_MM_DD.json

    • CSV: Export the selected secret session log to your computer as a CSV file named as secret-xyz-YYYY_MM_DD.csv

    • TEXT: Export the selected secret session log to your computer as a text file named as secret-xyz-YYYY_MM_DD.txt
    Log location

    Select a source from where to retrieve logs:

    • Disk (default) (FortiPAM)

    • FortiAnalyzer

    See FortiAnalyzer logging for setting up FortiAnalyzer as the remote logging server.
    Time frame

    From the dropdown, select from the following time filters:

    • 5 minutes

    • 1 hour

    • 24 hours

    • 7 days

    • Custom

    • View All

    Custom filter

    1. From the dropdown, select Custom.
    2. In the window that opens, you can set combinations of =, Range, <=, >=, and NOT.
    3. Enter a date and time.
    4. Click Apply.

      For example, to create a range filter that filters and displays all the logs between 8:00 AM on 10th October, 2023 to 1:00 PM on 12th October 2023, we set up a filter that looks like the following:

    Refresh

    To refresh the contents, click the refresh icon.

    Details

    Select to see details for the selected log entry.

    Search

    Enter a search term in the search field, then hit Enter to search the secret video list. To narrow down your search, see Column filter.

Secret

Selecting Secret opens all the secret logs. Different subcategories of secret logs are displayed when you click on a secret log.

where:

  • Secret Address: The IP address or FQDN of the actual target server.

  • Gateway: The gateway name for the secret.

  • Destination IP: The next hop IP address. If the next hop is FortiPAM, this is the IP address of FortiPAM.

    If the next hop is the actual target server, this is the IP address of the actual target server.

    If the next hop is a gateway, this is the IP address of the gateway.

Clear Text

Selecting Clear Text shows logs related to viewing passwords. This category of the secret log shows all the information related to the launching of a secret, uploading of a video, termination of a launched session, and status of a FortiPAM token.

Check-outs and Check-ins

Selecting Check-outs and Check-ins shows logs related to password check-ins and check-outs. It displays all the information related to secret check-out and check-in.

Password Changes

Selecting Password Changers shows logs related to password changers. It displays all the information about when a password changer is triggered on a secret. It indicates whether the operation is successful and who initiated the operation. Operations such as password verification or change of password are recorded here.

For some column descriptions, see Secret.

Secret Video

Selecting Secret Video shows logs related to secret videos. This category of the secret log shows all the videos of launched secrets from FortiPAM. It is helpful to assist in auditing a user's behavior on the secret, ensuring that no malicious activity is performed.

To view a recorded video of a launched secret:
  1. Select the log with the operation labelled as Video upload finished, then click the Details button located at the right of the menu.

    Alternatively, double-click the log labelled as Video upload finished.

    The video player opens, and the secret video is automatically played.

To download a recorded video of a launched secret:
  1. Select the log with the operation labelled as Video upload finished, then click the Details button located at the right of the menu.

    Alternatively, double-click the log labelled as Video upload finished.

  2. From the window that opens, select the download icon () to save the secret video on your computer in WebM format.

Secret Request

Selecting Secret Request shows logs related to secret requests. This category of the secret log shows all the information related to a secret that requires secret approval. It indicates when a request is submitted for a secret or when a request is approved or denied.

Job

Selecting Job shows all logs related to jobs. This category of secret log keeps track of all the events related to an execution of a job on a secret. This includes the job name, the user who initiated the job, the type of the job, and whether the job is executed successfully.

Service Account

Selecting Service Account shows all the logs related to service accounts. This category of the secret log shows information related to updating credentials related to a service account.

Previous
Next